CVE-2010-1205: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

June 30, 2010 (updated August 14, 2020)

Buffer overflow in pngpread.c in libpng, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

References

nvd.nist.gov/vuln/detail/CVE-2010-1205

Code Behaviors & Features

Detect and mitigate CVE-2010-1205 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →